KRB5_DEPRECATED KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_in_tkt_with_password (krb5_context context, krb5_flags options, krb5_addresses *addrs, const krb5_enctype *etypes, const krb5_preauthtype *pre_auth_types, const char *password, krb5_ccache ccache, krb5_creds *creds, krb5_kdc_rep *ret_as_reply) { return krb5_get_in_tkt (context, options, addrs, etypes, pre_auth_types, krb5_password_key_proc, password, NULL, NULL, creds, ccache, ret_as_reply); }
KRB5_DEPRECATED KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_in_tkt_with_keytab (krb5_context context, krb5_flags options, krb5_addresses *addrs, const krb5_enctype *etypes, const krb5_preauthtype *pre_auth_types, krb5_keytab keytab, krb5_ccache ccache, krb5_creds *creds, krb5_kdc_rep *ret_as_reply) { krb5_keytab_key_proc_args a; a.principal = creds->client; a.keytab = keytab; return krb5_get_in_tkt (context, options, addrs, etypes, pre_auth_types, krb5_keytab_key_proc, &a, NULL, NULL, creds, ccache, ret_as_reply); }
krb5_error_code KRB5_LIB_FUNCTION krb5_get_in_tkt_with_skey (krb5_context context, krb5_flags options, krb5_addresses *addrs, const krb5_enctype *etypes, const krb5_preauthtype *pre_auth_types, const krb5_keyblock *key, krb5_ccache ccache, krb5_creds *creds, krb5_kdc_rep *ret_as_reply) { if(key == NULL) return krb5_get_in_tkt_with_keytab (context, options, addrs, etypes, pre_auth_types, NULL, ccache, creds, ret_as_reply); else return krb5_get_in_tkt (context, options, addrs, etypes, pre_auth_types, krb5_skey_key_proc, key, NULL, NULL, creds, ccache, ret_as_reply); }
static krb5_error_code get_salt_and_kvno(krb5_context context, kcm_ccache ccache, krb5_enctype *etypes, char *cpn, char *newpw, krb5_salt *salt, unsigned *kvno) { krb5_error_code ret; krb5_creds creds; krb5_ccache_data ccdata; krb5_flags options = 0; krb5_kdc_rep reply; struct kcm_keyseed_data s; memset(&creds, 0, sizeof(creds)); memset(&reply, 0, sizeof(reply)); s.password = NULL; s.salt.salttype = (int)ETYPE_NULL; krb5_data_zero(&s.salt.saltvalue); *kvno = 0; kcm_internal_ccache(context, ccache, &ccdata); s.password = newpw; /* Do an AS-REQ to determine salt and key version number */ ret = krb5_copy_principal(context, ccache->client, &creds.client); if (ret) return ret; /* Yes, get a ticket to ourselves */ ret = krb5_copy_principal(context, ccache->client, &creds.server); if (ret) { krb5_free_principal(context, creds.client); return ret; } ret = krb5_get_in_tkt(context, options, NULL, etypes, NULL, kcm_password_key_proc, &s, NULL, NULL, &creds, &ccdata, &reply); if (ret) { kcm_log(0, "Failed to get self ticket for principal %s: %s", cpn, krb5_get_err_text(context, ret)); krb5_free_salt(context, s.salt); } else { *salt = s.salt; /* retrieve stashed salt */ if (reply.kdc_rep.enc_part.kvno != NULL) *kvno = *(reply.kdc_rep.enc_part.kvno); } /* ccache may have been modified but it will get trashed anyway */ krb5_free_cred_contents(context, &creds); krb5_free_kdc_rep(context, &reply); return ret; }